/// <summary>
/// Looks up a withdrawal order for the merchant named in <paramref name="request"/> and
/// returns its details as JSON. When no row matches, the LX1007 standard error is returned.
/// </summary>
/// <param name="timeunix">Not read in this method body; presumably consumed by the signature filter before the action runs (confirm).</param>
/// <param name="signature">Not read in this method body; presumably consumed by the signature filter before the action runs (confirm).</param>
/// <param name="request">Carries the merchant user name, password and merchant-side order number.</param>
/// <returns>A <see cref="JsonResult"/> wrapping an <see cref="OrderInquireResponse"/>, or the standard error result.</returns>
public ActionResult OrderInquire(int? timeunix, string signature, OrderInquireRequest request)
{
    const string timestampFormat = "yyyy-MM-dd HH:mm:ss";

    // The query is scoped to the merchant ID taken from the request body.
    // NOTE(review): tenant isolation therefore depends on the signature filter having
    // authenticated this same request.UserName. Confirm the account row used for
    // signature verification is loaded from request.UserName and not from another input.
    var matches = sqlSugarClient.Queryable<table_商户明细提款>()
        .Where(it => it.商户ID == request.UserName && it.商户API订单号 == request.OrderNumberMerchant)
        .ToList();

    if (matches.Count == 0)
    {
        // NOTE(review): the caller-supplied password is handed to the error builder here.
        // Confirm it is neither logged nor reflected in the error payload.
        return GetStandardError(BaseErrors.ERROR_NUMBER.LX1007, request.UserName, request.UserPassword);
    }

    // Only the first matching row is reported, even if the query returned several.
    var order = matches[0];

    OrderInquireResponse response = AutoCopy<BaseResponse, OrderInquireResponse>(baseSuccess);
    response.OrderNumberMerchant = request.OrderNumberMerchant;
    response.OrderNumberSite = order.订单号;
    // .Value throws if the creation time column is null; the code assumes it is always set.
    response.OrderTimeCreation = order.时间创建.Value.ToString(timestampFormat);
    if (order.时间完成.HasValue)
    {
        response.OrderTimeEnd = order.时间完成.Value.ToString(timestampFormat);
    }

    response.OrderType = order.类型;
    response.OrderStatus = order.状态;
    response.Username = request.UserName;
    // NOTE(review): the request password is echoed back in the response body. Responses are
    // commonly captured by proxies and client logs, so consider dropping this field once
    // API consumers no longer read it.
    response.Userpassword = request.UserPassword;

    return new JsonResult { Data = response };
}
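/// <summary>
/// Checks the request timestamp and MD5 signature for a merchant API call and sets
/// <c>filterContext.Result</c> to a standard error when either check fails.
/// On success the result is left untouched so the action can run.
/// </summary>
/// <param name="filterContext">Filter context whose action parameters hold the timestamp, signature and request body.</param>
/// <param name="path">Request path; a substring match on it selects which fields are signed.</param>
/// <param name="dbAccount">Merchant account row supplying the merchant ID, API password, secret and failure counter.</param>
/// <remarks>
/// Changes from the previous version:
/// a missing timestamp is rejected with LX1006 instead of throwing on <c>.Value</c>;
/// the freshness window is enforced in both directions, where previously a timestamp
/// ahead of server time gave a negative difference and was always accepted;
/// the difference is computed in 64-bit arithmetic so extreme values cannot wrap.
/// Clients whose clocks run more than 180 seconds ahead of the server are now rejected.
/// </remarks>
private void VerifySignature(ActionExecutingContext filterContext, string path, table_商户账号 dbAccount)
{
    const int MaxClockSkewSeconds = 180;

    // The API password is read from the account row as-is and mixed into the signed string,
    // so it is stored in a recoverable form.
    string apiPassword = dbAccount.商户密码API;
    string secret = dbAccount.公共密匙;

    int? timeunix = filterContext.ActionParameters[tsKey] as int?;
    if (!timeunix.HasValue)
    {
        // Unbound or non-integer timestamp: fail closed rather than throw.
        filterContext.Result = GetStandardError(BaseErrors.ERROR_NUMBER.LX1006, dbAccount.商户ID);
        return;
    }

    Int32 unixTimestamp = (Int32)(DateTime.UtcNow.Subtract(new DateTime(1970, 1, 1))).TotalSeconds;

    // Widen before subtracting so a hostile timestamp cannot overflow the difference.
    long skew = (long)unixTimestamp - timeunix.Value;
    if (skew > MaxClockSkewSeconds || skew < -MaxClockSkewSeconds)
    {
        // NOTE(review): this message discloses the server clock to the caller. Confirm that is intended.
        filterContext.Result = GetStandardError(BaseErrors.ERROR_NUMBER.LX1006, dbAccount.商户ID, unixTimestamp + "-" + timeunix.Value + "=" + skew);
        return;
    }

    // NOTE(review): a null signature is passed straight to VerifyMd5Hash. Confirm that helper
    // treats null as a mismatch and compares digests in constant time.
    string signature = filterContext.ActionParameters[signKey] as string;

    // NOTE(review): the signed string is a plain concatenation with no field delimiters, so
    // different field splits can yield the same string. MD5 over "data + secret" is also not
    // a keyed MAC. Moving to HMAC-SHA256 over a delimited canonical string needs a versioned
    // client rollout, so the wire format is left unchanged here.
    // NOTE(review): the field set is chosen by substring match on path. Confirm path is the
    // route or action name and cannot carry caller-controlled text such as a query string.
    string source;
    if (path.Contains("AccountInquiry"))
    {
        source = dbAccount.商户ID + apiPassword + timeunix + secret;
    }
    else if (path.Contains("OrderInquire"))
    {
        // NOTE(review): a null or mistyped "request" parameter throws below instead of
        // returning a standard error.
        OrderInquireRequest orderInquireRequest = filterContext.ActionParameters["request"] as OrderInquireRequest;
        source = dbAccount.商户ID + apiPassword + timeunix + orderInquireRequest.OrderNumberMerchant + secret;
    }
    else if (path.Contains("OrderCreate"))
    {
        OrderCreateRequest orderCreateRequest = filterContext.ActionParameters["request"] as OrderCreateRequest;
        source = dbAccount.商户ID + apiPassword + timeunix
            + orderCreateRequest.OrderNumberMerchant
            + orderCreateRequest.AimsCardNumber
            + orderCreateRequest.AimsCardName
            + orderCreateRequest.AimsCardBank
            + orderCreateRequest.AimsMoney
            + secret;
    }
    else
    {
        // No signing rule for this path: reject.
        filterContext.Result = GetStandardError(BaseErrors.ERROR_NUMBER.LX1018, dbAccount.商户ID);
        return;
    }

    using (MD5 md5Hash = MD5.Create())
    {
        if (VerifyMd5Hash(md5Hash, source, signature))
        {
            // NOTE(review): a valid signature is accepted here even when the failure counter
            // is already above MAX_ERROR_COUNT, and the counter is not reset on success.
            // Confirm the lockout is enforced before this method is called.
            return;
        }

        if (dbAccount.签名错误累计 > MAX_ERROR_COUNT)
        {
            filterContext.Result = GetStandardError(BaseErrors.ERROR_NUMBER.LX1002, dbAccount.商户ID);
            return;
        }

        // Record the failed attempt, persisting only the counter column.
        // NOTE(review): this is a read-modify-write on the loaded row, so concurrent
        // failures may under-count. An atomic SQL increment would close that gap.
        dbAccount.签名错误累计++;
        sqlSugarClient.Updateable(dbAccount).UpdateColumns(it => new { it.签名错误累计 }).ExecuteCommand();
        filterContext.Result = GetStandardError(BaseErrors.ERROR_NUMBER.LX1004, dbAccount.商户ID);
    }
}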